FROM centos:centos7 as builder

RUN yum upgrade -y
RUN yum install -y wget curl git telnet passwd gcc g++ make net-tools libpcre3-dev vim lsof perl openssl-devel openssh* 

ADD ./ngx_setup/luajit2.tar.gz /home/ngx_setup
WORKDIR /home/ngx_setup/luajit2
RUN make && make install PREFIX=/home/luajit
ENV LUAJIT_LIB=/home/luajit/lib
ENV LUAJIT_INC=/home/luajit/include/luajit-2.1

ADD ./ngx_setup/openssl-1.0.2s.tar.gz /home
ADD ./ngx_setup/nginx-1.20.2.tar.gz /home/ngx_setup

ADD ./ngx_setup/ngx_devel_kit.tar.gz /home/ngx_setup
ADD ./ngx_setup/lua-nginx-module.tar.gz /home/ngx_setup
ADD ./ngx_setup/lua-resty-core.tar.gz /home/ngx_setup
ADD ./ngx_setup/lua-resty-lrucache.tar.gz /home/ngx_setup

WORKDIR /home/ngx_setup/nginx-1.20.2

RUN ./configure --prefix=/home/nginx1202 \
    --with-openssl=/home/openssl-1.0.2s \
    --with-ld-opt="-Wl,-rpath,/home/luajit/lib" \
    --add-module=/home/ngx_setup/ngx_devel_kit \
    --add-module=/home/ngx_setup/lua-nginx-module \
    --with-http_ssl_module 

RUN make && make install

WORKDIR /home/ngx_setup/lua-resty-core
RUN make install PREFIX=/home/nginx1202

WORKDIR /home/ngx_setup/lua-resty-lrucache
RUN make install PREFIX=/home/nginx1202

FROM centos:centos7
RUN yum install -y make openssh-server
COPY --from=builder /home/openssl-1.0.2s /home/openssl-1.0.2s
COPY --from=builder /home/nginx1202 /home/nginx1202
COPY --from=builder /home/ngx_setup/luajit2 /home/ngx_setup/luajit2

WORKDIR /home/ngx_setup/luajit2
RUN make install PREFIX=/home/luajit
ENV LUAJIT_LIB=/home/luajit/lib
ENV LUAJIT_INC=/home/luajit/include/luajit-2.1
RUN rm -rf /home/ngx_setup

#修改root用户密码
RUN echo "cw" | passwd --stdin root

#设置不使用ssh服务端的pam模块
RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config

#创建非对称秘钥
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key

#关闭pam.d的ssh会话模块
RUN sed -i '/^session\s\+required\s\+pam_loginuid.so/s/^ /#/' /etc/pam.d/sshd
RUN sed -i 's/#Port 22/Port 8522/' /etc/ssh/sshd_config

#创建ssh工作目录并设置权限
RUN mkdir -p /root/.ssh && chown root.root /root && chmod 700 /root/.ssh

COPY entrypoint.sh /
RUN  chmod 777 /entrypoint.sh

#暴露端口
EXPOSE 8522 8588

#运行服务
CMD ["bash", "-c", "/entrypoint.sh start && tail -f /dev/null"]